Physical security systems include equipment and processes that implement physical security measures for incidents, access control, monitoring systems, lighting, security, audits, inspection, facility management, building automation, and the like. Almost all businesses, large commercial and government facilities, and many homes utilize physical security systems to alert owners and operators about potentially harmful activities such as intrusion, theft, fire, flooding, gas leaks, and so on. Physical Security Systems can comprise a wide range of functions, such as access control, safety and security, and video surveillance that helps protect, monitor or control threats to an organization. Many large businesses and entities also employ access control systems that monitor and control personnel access to physical resources such as buildings and offices, and even asset movement (e.g., products or material) to and from the premises. These systems generally consist of a repository of individual records and access privileges and control access control hardware such as readers (for example cards, biometric sensors) and controllers (for example door controllers) for allowing or disallowing access to physical resources.
Many different physical security systems are available on the market, and are manufactured by a variety of vendors, each of which may have its own standards of data representation and exchange. Large entities, such as big corporations or government departments may utilize multiple physical access control systems distributed across the world, or even within certain locations, such as a single building. These can have multiple representations of individuals or assets, and non-uniform policies for access to physical resources. Besides the representation of entities within the system, alarm triggering events can also be represented differently among different vendors, or even within different security systems from a single vendor. The access and alarm events from different physical security systems generally do not follow standard definitions. This prevents the creation of uniform policy, enforcement and compliance procedures across corporations and multiple systems.
Some attempts have been made to standardize the communication protocols between various building automation systems. One such communication protocol is BACnet for automation and control systems for HVAC (heating ventilating and air conditioning), lighting control, etc. Such communication standards, however, are limited to building automation functions and do not provide seamless integration with other physical security or network security control systems.
An important area of security and control in many modern businesses and organizations is computers, information systems, networks and telecommunications security. Network equipment such as routers control the flow of network packets for IT and network applications such as e-mail, Internet access, file transfers (e.g., FTP), and so on. Network packet routing by network equipment such as routers and security by firewalls is typically performed independently of physical security states or events. Physical security access data and events from physical access control systems, monitoring and surveillance systems such as video, building lighting and control systems, fire/HVAC/temperature/humidity control systems, etc are generally not factored in real-time for either determining individual's access to network and applications resources or affecting the behavior of the network to either enforce security policies or mitigate security risks.
What is needed, therefore, is a system for integrating and normalizing physical security data, states and events from disparate physical security systems, devices and sensors to maintain in real-time rules based policy state information to enforce physical security policies uniformly across network and information technology (IT) systems.
Conversely, what is also needed is a system for integrating data, states and events information from network and information technology systems to maintain in real-time, rules based policy state information to enforce network and IT system policies uniformly across physical security systems and infrastructure.
What is further needed is a method of relating (mapping and correlating) IT & network systems policies with physical security systems policies and vice-versa—physical systems policies with network & IT systems policies on IP based network appliances like a router, firewall, computer, etc. such that such appliances become “physical security policy” aware and can affect the behavior of the network or IT systems or physical security systems to either enforce security policies or mitigate security risks.
What is further needed is a system that provides an integration platform to maintain physical security states and enforce rules in real time based on security system data and events and conversely affect the behavior of security systems based on rules defined on IT and network systems data, states and events.